WMC Agent Virus/Folder will not go away.

Joined
May 17, 2018
Messages
1
OS
Windows 10
Antivirus
Malwarebytes
#1
The only virus I have been able to find still is located in the wmcagent folder in App Data/Local but MBAM is not able to get rid of it and the folder gives repeated Access Denied messages.
 
Operating System
Windows 10
Are you using a 32-bit or 64-bit operating system?
64-bit (x64)
Infection date and initial symptoms
4/18/2018-ish
Current issues and symptoms
The Virus makes my disk usage run at 100% almost all the time, although sometimes this goes down and the CPU/GPU usage will go up instead.
Steps taken in order to remove the infection
Repeated scans with hitman pro and MBAM which always say they are successful but have still not removed the virus.
Logs added to Help Request
FRST.txt, Addition.txt

Attachments

TwinHeadedEagle

Removal Expert
Staff member
Joined
Mar 8, 2013
Messages
22,092
OS
Windows 10
Antivirus
ESET
#2
Hello,



Please download Farbar Recovery Scan Tool x64 and save it to a flash drive.
  • Now you should get a window like this where you need to click Troubleshoot.

  • In the next window, click Advanced options and select Command Prompt.
  • Now you should log in into your account and after that Command Promptwindow.
Access the notepad and identify your USB drive

In the Command Prompt please type in:
Code:
notepad
and press Enter.
  • When the notepad opens, go to File menu.
  • Select Open.
  • Go to Computer and search there for your USB drive letter.
  • Note down the letter and close the notepad.


Scan with Farbar Recovery Scan Tool

Once back in the command prompt window, please do the following:
  • Type in e:\frst64.exe and press Enter.
    You need to replace e with the letter of your USB drive taken from notepad!
  • FRST will start to run. Give him a minute or so to load itself.
  • Click Yes to Disclaimer.
  • In the main console, please click Scan and wait.
  • When finished it will produce a logfile named FRST.txt in the root of your pendrive and display it. Close that logfile.

Transfer it to your clean machine and include it in your next reply.